Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix hardcoded_credentials rule to only match on more specific patterns #1009

Merged
merged 3 commits into from
Sep 5, 2023

Conversation

ccojocar
Copy link
Member

@ccojocar ccojocar commented Sep 5, 2023

fixes #1001

Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
@codecov-commenter
Copy link

Codecov Report

Patch coverage: 80.00% and no project coverage change.

Comparison is base (325eb19) 72.18% compared to head (4578111) 72.18%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the GitHub App Integration for your organization. Read more.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #1009   +/-   ##
=======================================
  Coverage   72.18%   72.18%           
=======================================
  Files          51       51           
  Lines        3635     3635           
=======================================
  Hits         2624     2624           
+ Misses        923      922    -1     
- Partials       88       89    +1     
Files Changed Coverage Δ
rules/hardcoded_credentials.go 74.63% <80.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ccojocar ccojocar merged commit 6c93653 into securego:master Sep 5, 2023
6 checks passed
@ccojocar ccojocar deleted the match-high-confidence-patterns branch May 13, 2024 16:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

False vulnerabilities being reported by v2.17.0
2 participants